Governance Risk and Compliance Engineer
In Time Tec, a global software solutions company based in Meridian, Idaho, is hiring a full-time Governance Risk and Compliance Engineer. Founded in 2009, In Time Tec is committed to creating abundance for our partners, employees, stakeholders, and the community. We partner with clients, often working onsite in their offices to explore and understand business requirements to deliver long-term custom software services. We are recognized as one of Inc. 5000's fastest-growing privately-held companies and have been named as one of the Best Places to Work in Idaho for five consecutive years.
In Time Tec offers competitive compensation, health/vision/dental benefits, 401k, FSAs, tenure-based paid time off, and countless personal and professional development opportunities.
Are You a Fit?
Those who thrive at In Time Tec are focused first and foremost on people and making a difference for others. They are committed to and have a passion for learning their craft and developing themselves as leaders. Competency to deliver and perform is required. Work is seen as a vehicle to create abundance for our partners, teams, families, and community.
Those who need predictability, clearly defined roadmaps, consistent direction, and a set schedule may find In Time Tec's work environment challenging.
If you are considering joining In Time Tec, we strongly encourage you to read our blog posts, listen to our podcasts, read reviews, etc. to get a better sense of who we are.
Please explore the resources provided below:
· https://www.glassdoor.com/Reviews/In-Time-Tec-Reviews-E484136.htm
· https://www.youtube.com/watch?v=03gQSvmG2Ps&feature=youtu.be
· https://www.youtube.com/watch?v=mG3zwQhrigo
Responsibilities
A Governance Risk and Compliance engineer is open and willing to do what needs to be done to support successful compliance with HIPPA, NIST, and industry security standards. The Governance Risk and Compliance engineer is passionate about evaluating risk, performing risk assessments, using their experience and knowledge to understand vulnerabilities and the impact if exploited, generating reports based on findings, facilitating internal team interviews, and mitigations as needed. When opportunities exist for improvement, the Governance Risk and Compliance engineer engages with the team to explore how to leverage NIST practices and standards to deliver value to the partner and project.
- Perform risk assessments identifying what controls we have in place and the overall impact created by the vulnerabilities reported
- Manage, maintain, comply, and understand policies NIST 800-53, 800-39, 800-37
- Collaborate with development teams to interview and understand requirements and create clarity on what needs to be done.
- Create reports, presentations, and other materials to communicate risk assessments and management strategies to executives and stakeholders.
- Meet and collaborate with our development teams in India as needed based on project requirements.
- Participate in weekly technical and leadership development learning groups.
- 80% of time focused on partner projects and 20% of time with In Time Tec.
Technical Skills
- Strong understanding of risk assessment and being able to evaluate risk
- HIPPA
- PCI
- FEP
- CMS
- Familiarity with NIST
- NIST CSF
- 800-39
- 800-37
- Experience with LogicGate preferred
- Analyzing, writing recommendations, and responding to mitigations
- Writing Policies and Procedures
Qualifications
- Bachelor’s Degree in Computer Science, Computer Information Systems, Engineering, Computer Engineering, or a relevant field is preferred. If a candidate does not have a bachelor’s degree, then 3 or more relevant years of experience are required.
- 2-4 years of experience with Risk Management, Security.
- Experience working in governance, planning, mitigation, and creation of risk assessments for vulnerabilities and compliance.